What are the User Roles in WordPress?
Last Updated: December 11, 2020 in Guides
If you are running a WordPress blog, chances are that you may need more people to write and edit posts. But how to add new users, and most importantly, how to decentralize users in your WordPress site? Do they need all access to all your features and settings? That’s why WordPress smartly designed the concept of roles to define each user's power and manage user accounts.
For each role, the user is allowed to perform some actions (capabilities) and each user has a user profile in WordPress Dashboard. This way makes managing WordPress sites is much more effective and easier than ever. On top of that, it can help you increase security and protect your Admin area. Your website visitors can not change anything on your sites or even access something they shouldn’t in the Admin area. So, let’s look over 6 user roles WordPress give us before you take part in this play:
Super Admin
When you run a multisite (a network of sites), you will have a Super Admin role. This role was arguably created to manage a network of sites. He/she is like CEO in a company that can manage themes, plugins, networks user, create sites, delete sites, upgrade networks, set up networks, and changes anything. Along with that, super admin also has the power to create new user roles and assign capabilities for users. Or you can understand that they are responsible for the entire job.
Limit: There is no limit in the power of the super admin role.
Administration
- Admin in single site: Administrator in a single site virtually manage one website. In most cases, there is only one admin. The admin in a single site has full power. They can modify, edit, delete, add users, themes, and plugins. What’s more, there is no super admin role in a single site.
- Admin in multisite: In multisite cases, the admin doesn’t have full power as in a single site. Some capabilities of the admin role must be empowered for Super Admin. While the super admin can modify plugins, themes, or users of all sites, admin just manages one site.
Limit: Admin can’t modify all sites, they just manage their own site. And they can’t access to the purchase and payment method by other admins.
Editor
When you are overloaded and need someone to modify the content of all sites, you can assign editor roles for your staff. They can alter any pages and posts like delete, edit, create, or public. Additionally, they can also edit comments, categories, and links.
Limit: Editor can’t change anything related to plugins and themes.
When a website manager has planned to post many topics on his sites, he may need authors to help him create content. So the author is like a content editor. But the capabilities of the author are less than 3 roles above. They just can edit their own post (create, edit, public, delete).
Besides this role, there is a pretty similar role name guest author. They are guests but they can register an account, submit posts themself and you can review their post before publishing.
Limit: The author can’t modify pages and other users’ posts.
Contributors
Contributor is a limited version of author roles. They just read reusable blocks, edit/delete their posts. So, for instance, it is highly possible that you will need many staff members to create various content to launch a high-quality product next month. In that case, you can assign a contributor role to your staff. However, a contributor can’t publish the post. Editors or authors will decide which contents are published.
Limit: They can’t publish a post, upload files or images.
Subscribers
Subscribers have no responsibility for the sites. Their ability is reading, commenting on the post, no more.
Limit: They can’t edit or manage anything on sites.
The User Roles are Less Important Than Others:
Follower
A follower can read and comment on posts in public sites.
Limit: They can’t edit or manage anything on sites.
Viewers
Viewers are someone who receives an invitation to follow a private blog. They can only read and comment on the post in private sites. They have no edit or administrative power.
Limit: They can’t edit or manage anything on sites.
How to Create Roles in WordPress?
There are 2 ways to modify user roles. But remember that unless you are an admin of the site, you can’t use the WordPress Admin Dashboard to create a new user role.
The first way is using WordPress plugins to customize user roles and capabilities. There are 7 plugins to modify roles: User Role Editor, Members, Advanced Access Manager, Nav Menu Roles, WPFront User Role Editor, Capability Manager Enhanced, and Role Scoper. The plugin provides a checkbox that lists all the capabilities so it allows you to easily assign many roles to a user.
The second way is using the Users tab in the WordPress Admin Dashboard. This is suitable for beginners and easy to use. Now, let’s follow these steps to add a new user role:
Step 1: Log in WordPress Admin Panel > Users > Add New Roles
Step 2: Fill in the form with private information: Username, Email, First Name, Last Name, Password and choose the user’s role.
Step 3: Click on Add New Role button
Now you have a new role with his/her information, user avatar, contact, ... Keep the User name and Password secured because anyone having this information can take over the role.
Wrapping up!
The very first step to manage your website effectively is understanding each user’s role and capabilities. WordPress’s role system certainly helps you easily enhance the security of your site. Therefore, we hope that this article provided you essential information about roles that helps you manage your site smoothly and achieve goals.
Bonus: We have an article about creating a contributor list - a list of those who edit and modify a post. You should use it if your site has multiple contributors, authors, ... and you want to show them.